CVE & Exploit Intelligence Database


Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,219 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,422 researchers
68 results
CVE-2025-65717 4.3 MEDIUM 1 PoC 1 Writeup Analysis EPSS 0.00
Visual Studio Code Extensions Live Server <5.7.9 - Info Disclosure
An issue in Visual Studio Code Extensions Live Server v5.7.9 allows attackers to exfiltrate files via user interaction with a crafted HTML page.
CWE-601 Feb 16, 2026
CVE-2026-21879 4.7 MEDIUM 1 PoC 1 Writeup Analysis EPSS 0.00
Kanboard < 1.2.49 - Open Redirect
Kanboard is project management software focused on Kanban methodology. Versions 1.2.48 and below are vulnerable to an Open Redirect attack that allows malicious actors to redirect authenticated users to attacker-controlled websites. By crafting URLs such as //evil.com, attackers can bypass the filter_var($url, FILTER_VALIDATE_URL) validation check. This vulnerability could be exploited to conduct phishing attacks, steal user credentials, or distribute malware. The issue is fixed in version 1.2.49.
CWE-601 Jan 08, 2026
CVE-2023-53901 5.4 MEDIUM 1 PoC Analysis EPSS 0.00
WBCE CMS 1.6.1 - XSS
WBCE CMS 1.6.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML and CSS to capture user keystrokes. Attackers can upload a crafted HTML file with CSS-based keylogging techniques to intercept password characters through background image requests.
CWE-601 Dec 16, 2025
CVE-2025-34504 6.1 MEDIUM 1 PoC Analysis EPSS 0.00
Kodcloud Kodexplorer - Open Redirect
KodExplorer 4.52 contains an open redirect vulnerability in the user login page that allows attackers to manipulate the 'link' parameter. Attackers can craft malicious URLs in the link parameter to redirect users to arbitrary external websites after authentication.
CWE-601 Dec 11, 2025
CVE-2024-34328 6.3 MEDIUM 1 PoC Analysis EPSS 0.00
Sielox AnyWare <2.1.2 - Open Redirect
An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL.
CWE-601 Jul 31, 2025
CVE-2025-4123 7.6 HIGH EXPLOITED 10 PoCs Analysis NUCLEI EPSS 0.04
Grafana < 10.4.18 - XSS
A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF. The default Content-Security-Policy (CSP) in Grafana will block the XSS through the `connect-src` directive.
CWE-601 May 22, 2025
CVE-2023-6786 6.1 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.01
Hkdigit Payment Gateway For Telcell < 2.0.4 - Open Redirect
The Payment Gateway for Telcell WordPress plugin through 2.0.1 does not validate the api_url parameter before redirecting the user to its value, leading to an Open Redirect issue.
CWE-601 May 15, 2025
CVE-2025-27888 5.4 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.01
Apache Druid - Server-Side Request Forgery
Severity: medium (5.8) / important Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache Druid. This issue affects all previous Druid versions. When using the Druid management proxy, a request that has a specially crafted URL could be used to redirect the request to an arbitrary server instead. This has the potential for XSS or XSRF. The user is required to be authenticated for this exploit. The management proxy is enabled in Druid's out-of-box configuration. It may be disabled to mitigate this vulnerability. If the management proxy is disabled, some web console features will not work properly, but core functionality is unaffected. Users are recommended to upgrade to Druid 31.0.2 or Druid 32.0.1, which fixes the issue.
CWE-601 Mar 20, 2025
CVE-2025-21401 4.5 MEDIUM 1 PoC Analysis EPSS 0.00
Microsoft Edge Chromium < 133.0.3065.69 - Open Redirect
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CWE-601 Feb 15, 2025
CVE-2025-25198 7.1 HIGH 3 PoCs Analysis EPSS 0.03
mailcow: dockerized <2025-01a - Info Disclosure
mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the `Host HTTP` header to generate a password reset link pointing to an attacker-controlled domain. This can lead to account takeover if a user clicks the poisoned link. Version 2025-01a contains a patch. As a workaround, deactivate the password reset functionality by clearing `Notification email sender` and `Notification email subject` under System -> Configuration -> Options -> Password Settings.
CWE-601 Feb 12, 2025
CVE-2024-57241 6.5 MEDIUM 2 PoCs Analysis EPSS 0.07
Dedecms - Open Redirect
Dedecms 5.71sp1 and earlier is vulnerable to URL redirection. In the web application, a logic error fails to check the input of a GET request, resulting in URL redirection.
CWE-601 Feb 11, 2025
CVE-2024-9387 6.4 MEDIUM 2 PoCs Analysis EPSS 0.00
Gitlab < 17.4.6 - Open Redirect
An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could potentially perform an open redirect against a given releases API endpoint.
CWE-601 Dec 12, 2024
CVE-2024-35133 6.8 MEDIUM 2 PoCs Analysis EPSS 0.03
IBM Security Verify Access < 10.0.8 - Open Redirect
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote authenticated attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
CWE-601 Aug 29, 2024
CVE-2024-22262 8.1 HIGH 1 PoC Analysis EPSS 0.12
UriComponentsBuilder - SSRF/Open Redirect
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 (https://spring.io/security/cve-2024-22259) and CVE-2024-22243 (https://spring.io/security/cve-2024-22243), but with different input.
CWE-918 Apr 16, 2024
CVE-2024-0337 6.1 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.01
Travelpayouts < 1.1.17 - Open Redirect
The Travelpayouts: All Travel Brands in One Place WordPress plugin through 1.1.15 is vulnerable to Open Redirect due to insufficient validation on the travelpayouts_redirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
CWE-601 Mar 20, 2024
CVE-2024-22891 9.8 CRITICAL 1 PoC Analysis EPSS 0.32
Nteract <0.28.0 - RCE
Nteract v.0.28.0 was discovered to contain a remote code execution (RCE) vulnerability via the Markdown link.
CWE-601 Mar 01, 2024
CVE-2024-22243 8.1 HIGH 3 PoCs Analysis EPSS 0.56
UriComponentsBuilder - Open Redirect
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks.
CWE-601 Feb 23, 2024
CVE-2024-0250 6.1 MEDIUM 1 PoC Analysis NUCLEI EPSS 0.13
Deconf Analytics Insights < 6.3 - Open Redirect
The Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin before 6.3 is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
CWE-601 Feb 12, 2024
CVE-2024-24034 6.1 MEDIUM 1 PoC Analysis EPSS 0.00
Setorinformatica S.i.l - Open Redirect
Setor Informatica S.I.L version 3.0 is vulnerable to Open Redirect via the hprinter parameter, which allows remote attackers to execute arbitrary code.
CWE-601 Feb 08, 2024
CVE-2024-24291 6.1 MEDIUM 1 PoC EPSS 0.00
Yzmcms - Open Redirect
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to malicious sites via a crafted URL.
CWE-601 Feb 06, 2024